Attacks, such as attacks utilizing flooding, denial of service, distributed denial of service (DDoS), viruses, worms, trojan horses, rogue applications, malware, exploits, spam, phishing, etc., are becoming an ever-increasing problem in today's Internet. For example, by sending large amounts of malicious packets, denial of service attacks can cause consumption and/or overload of scarce, limited, and/or non-renewable system and/or network resources, such as bandwidth, disk space, CPU time, and/or allocations thereof; destruction and/or alteration of configuration information, such as routing information; disruption of normal operating system functionality; and/or physical destruction and/or alteration of network components, etc.
The deep packet inspection (DPI) technology, as a core technology for network intrusion detection and application protocol identification, plays an increasingly important role in the field of network and information security. The DPI technology implements deep analysis on a data packet using a feature matching algorithm to obtain application information of the data packet so as to implement services such as network optimization, application traffic control, and security detection. A collection of DPI devices can act in unison to protect networks from bulk attacks, such as DDoS, where host server devices can get overwhelmed by too many requests that flood their capacity resulting in the severing of requests from legitimate host client devices to either be slow or not resolve at all. Typical existing load balancing implementations are static and require an operator to manually partition available load balancing devices.
As such, a new, scalable, and automatic load balancing approach with inherent intelligence is desirable. Such an automated approach should enable full utilization of DDoS scrubbing capacity and allow seamless DPI device addition and/or removal to/from the device group.